About the job
Primary purpose of job
QatarEnergy is looking to recruit a Lead Systems Engineer (Systems Security) who will join a team responsible for the overall protection, confidentiality, integrity and availability of the ICT systems that support QatarEnergy’s business operations. The lead will be accountable for the overall systems security controls design and implementation for the systems information security domains and ensure robust systems security controls architectures based on current International security best practices and industry frameworks in line with ICT KPIs and CSFs. In addition, the new member will be responsible to support and maintain the day-to-day operations and system change lifecycle of QatarEnergy’s critical security devices, tools & services and shall provide senior technical support for all perimeter security devices whilst providing leadership & mentoring to the team members. The role will be an enabler to the company’s success through the development and implementation of security practices that create a secure working environment.
Experience & Skills
- 10+ years of progressive combined technical experience in systems security solutions, including experience with security principles, and defense-in-depth techniques, related standards, and protocols with a minimum of 7+ years professional hands-on experience in design and support of complex systems security infrastructure preferably in the Oil and Gas industry.
- Expert level of technical hands-on experience in implementation and operation of systems related but not limited to following systems security technologies.
- Ability to identify, implement, create, and operate endpoint security controls, standards, processes, and procedures and ensuring that they are compliant with QatarEnergy’s security policies and internationally recognized security frameworks and standards.
- Effective decision making in terms of potential financial and operational consequences and to improve business efficiency
- Manage and support systems security solutions and provide technical problem support, resolution, and communication when appropriate.
- Excelling communication skills to effectively communicate with ICT internal, QatarEnergy business users, QatarEnergy subsidiaries and joint venture companies, government organizations, third parties, etc. on all matters related to systems security.
- Ability to collect, analyze technical logs and report relevant discovery, provide technical conclusions and suitable recommendations towards resolution of reported incidents based on analyzed technical data in a timely manner.
- High leadership skills and effective resource management.
- Manage and support conventional signature-based protection and applications whitelisting solutions for endpoint security.
- Manage and support endpoint security protection systems: Antivirus, host-based firewall/IPS and device controls.
- Manage and support Data Labeling and DLP solutions.
- Manage and support password management solutions.
- Manage and support endpoint cryptography and data encryption & HSM solutions.
- Manage and support Microsoft Public Key Infrastructure solution.
- Develop, review, and maintain technical documentation and versioning of implemented security systems.
- Research and investigate latest vulnerabilities alerts (CVEs) and implement countermeasures.
- Implement security measures to mitigate newly identified risks and recommend security controls changes or improvements as needed.
- Analyze requests and incidents from QatarEnergy staff and provide solution based on the QatarEnergy Cyber Information Security Framework.
- Effective problem solver with strong analytic skills.
- Ability to interpret, adapt and apply guidelines and procedures.
- Has presentation skills that will gain acceptance of proposed solution from impacted stakeholders.
- Can easily deal with complex technical, organizational and process problems related to projects.
- Attains solid project management skills that will lead to serving security requirements and obtain information about solutions and successful delivery.
- Strong troubleshooting skills in network, software configuration, log interpretation, etc.
- A minimum of a Bachelor’s degree in Network Engineering, Computer Engineering, Electrical/Electronic Engineering, or an equivalent Engineering field.
- Relevant information security certification is a plus (such as Security+, CISSP, or CCIE).
- Solid understanding of application transport and infrastructure protocols (SSL/TLS, DNS, DHCP, WINS, NTP, FTP, HTTP, SMTP, CIFS, LDAP, and Microsoft AD, and ability to support these applications/protocols when accessed through systems security appliances.
- Certified specialist in systems security related systems such as Endpoint security protection, application whitelisting, DLP, PKI, host-based firewalls, least privilege & password management solutions.
- Knowledge of operating systems, applications and databases security principles.
- Excellent writing skills with the ability to write technical blueprints, high- and low-level design documents, standards, processes, procedures, manuals, feasibility studies, and tendering proposals.
- Excellent back MS office applications (MS Office Suite, MS Project, Visio) skills.